662 matches found
GIMP integer overflow
Integer overflow on .BPM, .PSD files parsing...
CA Products That Embed Ingres Multiple Vulnerabilities
Title: CA Products That Embed Ingres Multiple Vulnerabilities CA Advisory Date: 2008-08-01 Reported By: iDefense Labs Impact: A remote attacker can execute arbitrary code, gain privileges, or cause a denial of service condition. Summary: CA products that embed Ingres contain multiple...
CVE-2008-1342
Multiple cross-site scripting XSS vulnerabilities in the search feature in Polymita BPM-Suite and CollagePortal allow remote attackers to inject arbitrary web script or HTML via the 1 q and 2 luceneindexfieldvalue parameters. NOTE: the provenance of this information is unknown; the details are...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the search feature in Polymita BPM-Suite and CollagePortal allow remote attackers to inject arbitrary web script or HTML via the 1 q and 2 luceneindexfieldvalue parameters. NOTE: the provenance of this information is unknown; the details are...
CVE-2008-1342
Multiple cross-site scripting XSS vulnerabilities in the search feature in Polymita BPM-Suite and CollagePortal allow remote attackers to inject arbitrary web script or HTML via the 1 q and 2 luceneindexfieldvalue parameters. NOTE: the provenance of this information is unknown; the details are...
CVE-2008-1342
CVE-2008-1342 affects the search feature in Polymita BPM-Suite and CollagePortal . The vulnerabilities are described as cross-site scripting (XSS) weaknesses that allow remote attackers to inject arbitrary web script or HTML via the parameters _q and lucene_index_field_value . The sources consist...
Code injection
Unspecified vulnerability in Appian Enterprise Business Process Management BPM Suite 5.6 SP1 allows remote attackers to cause a denial of service via a crafted packet to port 5400/tcp...
CVE-2007-6509
Unspecified vulnerability in Appian Enterprise Business Process Management BPM Suite 5.6 SP1 allows remote attackers to cause a denial of service via a crafted packet to port 5400/tcp...
CVE-2007-6509
Unspecified vulnerability in Appian Enterprise Business Process Management BPM Suite 5.6 SP1 allows remote attackers to cause a denial of service via a crafted packet to port 5400/tcp...
CVE-2007-6509
CVE-2007-6509 affects Appian Enterprise BPM Suite 5.6 SP1. The vulnerability is described as an unspecified remote denial of service caused by sending a crafted packet to port 5400/tcp. The connected documents confirm a DoS exploit context (e.g., Metasploit module and PoC references), but no patc...
Appian Enterprise Business Process Management Suite DoS
Application hang on malformed TCP/5400 packet...
CVE-2002-1780
BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that allows a remote attacker to cause a denial of service crash by sending a URL request for a MS-DOS device such as con. NOTE: it has been disputed that this and possibly other application-level DOS device issues stem from a bug in Window...
CVE-2002-1780
BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that enables a remote attacker to cause a denial of service (crash) by sending a URL request for a MS-DOS device such as con. The note indicates that some of these application-level DOS device issues may stem from a Windows bug, and the pro...
CVE-2002-1780
BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that allows a remote attacker to cause a denial of service crash by sending a URL request for a MS-DOS device such as con. NOTE: it has been disputed that this and possibly other application-level DOS device issues stem from a bug in Window...
CVE-2002-0331
Directory traversal vulnerability in the HTTP server for BPM Studio Pro 4.2 allows remote attackers to read arbitrary files via a .. dot dot in the HTTP request...
CVE-2002-0331
CVE-2002-0331 describes a directory traversal vulnerability in the HTTP server of BPM Studio Pro 4.2, enabling remote attackers to read arbitrary files by using a dot-dot sequence in the HTTP request. Per the provided records, the impact is listed as confidentiality: none , integrity: partial , a...
CVE-2002-0331
Directory traversal vulnerability in the HTTP server for BPM Studio Pro 4.2 allows remote attackers to read arbitrary files via a .. dot dot in the HTTP request...
Многочисленные ошибки в BPM Studio (multiple bugs)
Доступ к специальным устройствам, обратный путь в каталогах...
BPM STUDIO PRO 4.2 DOS DEVICE PATH VULNERABILITY
Hi Bugtraq !! BPM STUDIO PRO 4.2 is one of the most famous mp3 mixer and player and it has an http server implementation for manage the player via the web browser. Unfortunatly, when you perform a simple http request like: http://BPM-HOST/con/con you can crash instantly non-patched Win9x host wit...
BPM STUDIO PRO 4.2 DIRECTORY ESCAPE VULNERABILITY
Hi bugtraq again... Now i' ve found another vulnerability in BPM STUDIO PRO 4.2 http server implementation. Anyone can download any file in some host running this software simply like performing this http request : http://BPM-HOST/../../../../autoexec.bat http server is not activated by default...